Day: September 17, 2025

Categories
AI Today in 5

AI Today in 5: September 17, 2025, The What Are They Building Episode

Welcome to AI Today in 5, the newest edition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI, so start your day, sit back, enjoy a cup of morning coffee, and listen in to the AI Today In 5, all from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest related to AI.

Top AI stories include:

  • Workfusion raises $45 MM for financial crime compliance. (PYMNTS)
  • Smarter surveillance. (FinTech Global)
  • New AgenticAI compliance solutions. (Channel Insider)
  • Closing the AI divide. (ICC)
  • What are AI companies trying to build? (NYT)

For more information on the use of AI in Compliance programs, my new book, Upping Your Game. You can purchase a copy of the book on Amazon.com.

Categories
Daily Compliance News

Daily Compliance News: September 17, 2025, The Talking Bad Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, including compliance, ethics, risk management, leadership, or general interest, relevant to the compliance professional.

Top stories include:

  • Corruption leads to a food crisis in South Sudan. (The Hill)
  • Power to CEOs. (FT)
  • Trump says you can’t talk badly about me. (Palm Beach Post)
  • U.S. National Highway Traffic Safety Administration opens probe into Tesla Model Y cars over door handle failures. (Reuters)
Categories
The Hill Country Podcast

The Hill Country Podcast – Confronting Shame and Guilt in Recovery

Welcome to the award-winning The Hill Country Podcast. The Texas Hill Country is one of the most beautiful places on earth. In this podcast, Hill Country resident Tom Fox visits with the people and organizations that make this one of the most unique areas of Texas. This week, Tom welcomes Abby Filyaw and Lamar Davis from the Hill Country Council on Alcohol and Drug Awareness.

Abby Filyaw introduces Lamar Davis to discuss the complex topics of shame and guilt within the context of addiction recovery. The conversation explores definitions of shame and guilt, their impact on recovery efforts, and how different recovery processes like the 12 Steps and refuge recovery help address these feelings. The episode also touches on the significance of National Recovery Month, celebrated every September, and the role of community support and peer experiences in overcoming addiction-related stigma and promoting sustained recovery.

Key highlights:

  • Defining Shame and Guilt in Recovery
  • National Recovery Month and Personal Experiences
  • The 12-Step Process and Making Amends
  • Celebrating National Recovery Month
  • The Importance of Safe Spaces for Men in Recovery

Resources:

Check out the Hill Country Council on Alcohol and Drug Abuse (HCCADA) for further information on services, programs, and resources.

Other Hill Country Podcasts

Hill Country Authors Podcast

Hill Country Artists Podcast

Texas Hill Country Podcast Network

Categories
Compliance Tip of the Day

Compliance Tip of the Day – The CCO Role in Preparing the Board for the Next Crisis

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

We continue our 5-part series, considering several questions about compliance officers working with or on the Board. Today, we consider the role of a CCO in preparing a Board for the next crisis.

For more on this topic, check out The Compliance Handbook, a Guide to Operationalizing your Compliance Program, 6th edition, which was recently released by LexisNexis. It is available here.

Categories
Compliance Into the Weeds

Compliance into the Weeds: Checking in on Codes of Conduct

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more fully. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds! In this episode of Compliance into the Weeds, Tom Fox and Matt Kelly review a recent report from LRN on the state of Codes of Conduct.

This episode explores the multifaceted use of a corporate code of conduct, discussing its role as both a defensive and offensive tool. Tom and Matt emphasize the importance of managers talking about the code and view it as a substantive part of senior management’s dialogue on corporate culture. The conversation underscores the code’s utility in various contexts and advocates for its broader adoption within the organization.

Key highlights:

  • Code as a Tool
  • The Role of Managers in Code Discussion
  • Senior Managers and Corporate Culture
  • Versatility of the Code

Resources:

Matt on Radical Compliance

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

A multi-award-winning podcast, Compliance into the Weeds was most recently honored as one of the Top 25 Regulatory Compliance Podcasts, a Top 10 Business Law Podcast, and a Top 12 Risk Management Podcast. Compliance into the Weeds has been conferred the Davey, Communicator, and W3 Awards for podcast excellence.

Categories
Blog

Board Week, Part 3: The CCO’s Role in Preparing a Board for the Next Crisis

Crisis is no longer a rare event. From ransomware attacks and regulatory shocks to activist investors and CEO departures, boards today operate in an environment defined by volatility and disruption. PwC’s recent memorandum, “Being Prepared for the Next Crisis,” highlights the importance of boards adopting a proactive approach to resilience and oversight. However, while directors bear the primary responsibility for governance, a Chief Compliance Officer (CCO) plays a distinct role: ensuring that the board is informed, equipped, and prepared to respond effectively.

The CCO is often the organization’s “early warning system,” translating risks from the operating level into insights for the board. In a crisis, this role becomes magnified. The CCO must help the board anticipate threats, stress-test plans, and avoid the common pitfalls that derail effective responses. Today, we will explore how CCOs can adapt the PwC framework into a playbook to guide the board through the crisis preparedness lifecycle.

1. Before the Crisis: Embedding Compliance into Resilience Planning

The best crisis plans are living documents that are constantly updated, tested, and integrated across all functions. For CCOs, the challenge is to ensure compliance and ethics considerations are built into those plans from the start.

The CCO’s Role:

  • Cross-functional integration. Ensure that the compliance function sits at the crisis planning table alongside risk, legal, and operations. Issues such as bribery, data privacy breaches, or third-party misconduct can escalate into crises if left unaddressed.
  • Scenario planning. Push for tabletop exercises that include compliance scenarios—not just cyber breaches. A dawn raid by regulators, whistleblower allegations, or sanctions violations should all be tested with the board. Most boards are fixated on cyber exercises (81%) while under-testing activist campaigns, fraud investigations, and geopolitical risks. The CCO can broaden that scope.
  • Defining escalation triggers. Collaborate with management and the board to define when compliance issues rise to the level of a board crisis. For example, a government subpoena, a major third-party red flag, or media exposure of misconduct should be predefined as triggers for immediate notification to the board.

By embedding compliance into resilience planning, the CCO ensures that ethical and regulatory risks are not afterthoughts but central to the crisis playbook.

2. During the Crisis: Supporting the Board’s Oversight and Communications

Once a crisis hits, speed and clarity are critical. Work to avoid pitfalls such as “leaping before looking,” minimizing the problem, or losing credibility with stakeholders. Here, the CCO becomes the board’s translator and truth-teller.

The CCO’s Role:

  • Facts over speculation. Ensure that communications to the board are grounded in verified information. If facts are incomplete, emphasize transparency about what is known and what remains to be investigated.
  • Maintaining authenticity. Compliance leaders are custodians of corporate values. During crisis communications, the CCO should challenge management if the messaging strays from the organization’s ethical commitments. As PwC notes, stakeholder trust depends on alignment with company values.
  • Stakeholder inclusivity. Understand the importance of addressing all stakeholders, not just the loudest. The CCO should ensure employees are included in the communication strategy. In many crises, employees are both victims and messengers. If left uninformed, they can become sources of rumor or disengagement.

The CCO also helps the board resist the temptation to downplay severity. Regulators and investors are unforgiving of minimization. Credibility, once lost, is difficult to recover.

3. After the Crisis: Driving Root Cause Analysis and Continuous Improvement

The PwC framework underscores the importance of post-event reviews, root cause analysis, and continuous improvement. For CCOs, this is where compliance expertise shines.

The CCO’s Role:

  • Independent assessment. If misconduct or governance failures triggered the crisis, the CCO should advocate for independent investigations to determine the cause. This not only ensures credibility but also demonstrates the board’s seriousness in remediating gaps.
  • Root cause focus. Compliance officers are trained to ask “how and why.” A surface-level review, examining what happened and the actions taken, overlooks the deeper cultural or control weaknesses that enabled the crisis to occur. Without addressing these, organizations remain vulnerable.
  • Policy and training updates. Post-crisis reviews should feed directly into compliance programs. If a whistleblower report was ignored, revise reporting protocols. If a sanctions violation occurred, strengthen third-party screening.
  • Board education. Provide directors with debriefs on regulatory trends that emerged during the crisis. For example, if a DOJ enforcement action shaped the company’s response, explain the broader implications for future oversight.

By institutionalizing lessons learned, the CCO helps the board convert a painful episode into a competitive advantage.

4. The CCO as the Board’s Crisis Sherpa

PwC notes that boards must balance guiding management while not being overwhelmed themselves. In practice, this requires a trusted advisor who can translate complexity, cut through the noise, and flag issues that rise to governance levels. That advisor is often the CCO.

The CCO’s Role:

  • Regular briefings. Establish quarterly “crisis readiness” updates for the board, led by compliance. These sessions review recent regulatory developments, whistleblower trends, and geopolitical risks.
  • Committee alignment. Work closely with the audit or risk committee to ensure that crisis oversight responsibilities are clearly defined and understood. In some cases, a compliance liaison may be designated to report directly to the board during a crisis.
  • Tone from the top. Model ethical courage in board communications. If executives resist disclosure or push spin, the CCO must be willing to articulate the risks of opacity. The board relies on the unvarnished truth, even when it is uncomfortable to hear.

The CCO, in essence, becomes the board’s crisis sherpa: guiding directors through treacherous terrain with foresight, facts, and fidelity to values.

5. A CCO’s Checklist for Board Crisis Preparedness

To translate this into action, here’s a compliance-focused checklist adapted from PwC’s recommendations:

  1. Ensure crisis plans are compliance-inclusive. Integrate regulatory, ethical, and third-party risks into enterprise crisis planning.
  2. Broaden board exercises. Advocate for tabletop simulations that extend beyond cyber—encompassing fraud, sanctions, whistleblower events, and activist campaigns.
  3. Define escalation triggers. Codify the process for escalating compliance issues to the board.
  4. Champion transparent communication. Push for fact-based, values-aligned messaging during crises.
  5. Include employees. Make internal communications as robust as external messaging.
  6. Drive post-crisis reviews. Lead root cause analysis and ensure findings inform compliance program updates.
  7. Educate directors. Keep the board informed about current regulatory expectations and cultural red flags.

Preparing the Board for the Crisis That Hasn’t Happened Yet

As PwC observes, a crisis is no longer hypothetical; it is cyclical. Boards that prepare systematically will emerge stronger. But preparation is not solely the task of directors or management. The Chief Compliance Officer must bridge the gap by embedding compliance into resilience plans, guiding directors during responses, and ensuring that lessons are institutionalized after the fact.

The next crisis will come. We don’t know whether it will be a cyber, regulatory, or reputational issue. But we do know this: the boards that succeed will have a compliance leader at their side, someone who combines regulatory expertise with cultural insight, and who can guide directors through the storm with clarity and integrity.

That is the CCO’s role. And it may be the most important contribution compliance makes to long-term corporate resilience.

Categories
Great Women in Compliance

Great Women in Compliance – 2025 SCCE Roundup with Special Guest Adam Turteltaub

Breaking News!  #teamgwic was at the Society of Corporate Compliance and Ethics (SCCE) annual Ethics & Compliance Institute in Nashville and is here to give you an update on our experience.  Ellen, Lisa, and Hemma all caught up mid-conference to interview each other about their panels and also what people were talking about outside the presentations. We had the chance to recap on our earlier panels:  Ellen about how to train leaders to hear and act on bad news in a way to improve our programs; Hemma speaking about how to move your program from a risk-avoidant program to a forward-thinking ethics and compliance program, which is ultimately a competitive advantage, and Lisa’s panel which discussed data analytics for humans – intended to be a practical discussion of what data analytics are and how we are all analyzing data.

At the end, we were able to bring in a surprise guest – the one and only Adam Turteltaub, SCCE’s Chief Strategy and Engagement Officer.  He provided highlights of the conference so far and updates about SCCE’s new CEO, Garth Jordan.

Sarah was unable to join the recording, but all would agree that CEI left us with new ideas, new friends, and the chance to catch up with this great community.